Starting December 15, users will no longer be able to log into the apps and will be automatically redirected to the Facebook website to access Messenger.

Yang’s departure marks the latest in a string of exits from Apple’s AI unit, putting the company into jeopardy in the lead-up to a much-anticipated Siri revamp scheduled for March.

Here's what the new connector lets Anthropic's chatbot do, how it can benefit you, and who gets to access it.

We know that the idea of big tech conferences can be overwhelming, especially if you’re introverted, anxious, or are used to spending most of your day behind your computer. (Which is most of us.) And that’s okay! 

The good news is that GitHub Universe was designed for folks like you. This isn’t just one long conference in a room with thousands of people and no exit. Universe offers all sorts of opportunities to take breaks, hang in small groups, or watch virtually, so that you can learn and network at whatever pace works for you. We’ve built in events to make the experience extra comfortable, safe, and exciting for all.

[Get your IRL pass]

If you’ve already got your pass but are feeling a bit shaky on how it’ll all go, here are some practical tips for how to navigate tech conferences, like GitHub Universe.

1. Attend smaller sessions or workshops

Instead of signing up for the largest, busiest sessions, go for the smaller workshops, niche panels, and breakout sessions. Small-group sessions often foster deeper connections and conversations, and they can help keep you from getting lost in the crowd. 

This year’s Universe will feature many interactive workshops (explore the full list), where the guest list will be small, and the conversations will be deep. You can also add demo-style sandbox sessions to your agenda, which include practical exercises, to keep your mind engaged! 

You may also want to check out gatherings in our discussions lounge, where two to three facilitators will guide small groups through specific topics of interest, prioritizing active participation and collaboration. 

2. Find quiet zones and recharge spaces

We all know that introverts recharge alone. So if you need to step away and take some time to reflect, you should!

At Universe, we’ve created dedicated lounges and recharge spaces, so you don’t have to choose between skipping content and protecting your peace. Need a few minutes to unwind? We’ll have a quiet room for phone-free decompression, meditation, and prayer. We’ll also have plenty of drink options, snacks, and meals available if you need to keep your blood sugar up.

And don’t forget to step outside and take in the stunning waterfront views at Fort Mason—a quick breath of ocean air can do wonders between sessions.

3. Join curated networking activities

If large mixers without a planned topic of conversation feel daunting, you can look for guided or themed activities where the conversation already has a starting point. 

At Universe, you can connect with people who share your passions at structured networking meetup spots, including: 

• Recess!: Meet fellow attendees over your shared interests beyond the code. Whether you’re a Lego enthusiast or a die-hard Swiftie, there’s an opportunity for everyone to connect and simply have fun.
• Makerspace: Create interactive projects, from art to AI and music to robotics. Whether you build or just tinker, this is your playground.
• Open Source Zone: Connect with contributors and maintainers, explore open source projects, and celebrate the power of community-led software. 

4. Set personal goals and boundaries

Decide ahead of time what you want to get out of the event. Take a look at the agenda. What are your must-see sessions? Who are the people you want to meet? Build in plenty of breaks—without guilt! 

Did you know that we offer a Universe agenda builder, curated schedules, and content tracks, so you can figure out the right sessions for your interests and goals? This makes it simple to stick to your plan (and pace yourself!). 

5. Bring a conversation starter

Wearing a T-shirt, pin, or sticker related to your passions makes it easy for someone else to approach you. It may even give you the confidence to approach someone else, too. 

Universe swag (and plenty of community stickers) are designed to help spark those natural, low-pressure conversations. And if you don’t have any swag before the event, you can always visit The GitHub Shop and grab something day-of. We’ll have a brand new GitHub Universe collection, so you’ll be able to rep our latest and greatest. 

6. Take it online with livestream or on-demand sessions

If attending in-person still doesn’t feel right, don’t forget that you can attend GitHub Universe virtually or catch keynotes and select session recordings later on-demand. Our goal: Make sure you can still participate and stay connected in a way that works best for you. 

To note: This might not always be an option at other tech conferences or events, but it’s always worth checking to see if there are ways to learn and connect from home if that’s your preferred method. 

Conclusion

We hope you see you at GitHub Universe this year. Don’t forget that however you plan to attend—in-person, virtually, just a few workshops, or somewhere in between—it’s all in your control. Whether you’re introverted (like us) or extroverted, or somewhere in between, we hope you have the best time! 

[Register now]

The post How to navigate GitHub Universe (or any tech conference) if you’re an introvert appeared first on The GitHub Blog.

In 80% of the cyber incidents Microsoft’s security teams investigated last year, attackers sought to steal data—a trend driven more by financial gain than intelligence gathering. According to the latest Microsoft Digital Defense Report, written with our Chief Information Security Officer Igor Tsyganskiy, over half of cyberattacks with known motives were driven by extortion or ransomware. That’s at least 52% of incidents fueled by financial gain, while attacks focused solely on espionage made up just 4%. Nation-state threats remain a serious and persistent threat, but most of the immediate attacks organizations face today come from opportunistic criminals looking to make a profit.

Every day, Microsoft processes more than 100 trillion signals, blocks approximately 4.5 million new malware attempts, analyzes 38 million identity risk detections, and screens 5 billion emails for malware and phishing. Advances in automation and readily available off-the-shelf tools have enabled cybercriminals—even those with limited technical expertise—to expand their operations significantly. The use of AI has further added to this trend with cybercriminals accelerating malware development and creating more realistic synthetic content, enhancing the efficiency of activities such as phishing and ransomware attacks. As a result, opportunistic malicious actors now target everyone — big or small — making cybercrime a universal, ever-present threat that spills into our daily lives.

In this environment, organizational leaders must treat cybersecurity as a core strategic priority—not just an IT issue—and build resilience into their technology and operations from the ground up. In our sixth annual Microsoft Digital Defense Report, which covers trends from July 2024 through June 2025, we highlight that legacy security measures are no longer enough; we need modern defenses leveraging AI and strong collaboration across industries and governments to keep pace with the threat. For individuals, simple steps like using strong security tools—especially phishing-resistant multifactor authentication (MFA)—makes a big difference, as MFA can block over 99% of identity-based attacks. Below are some of the key findings.

A screenshot of a computer screen

AI-generated content may be incorrect.

Critical services are prime targets with a real-world impact.

Malicious actors remain focused on attacking critical public services –— targets that, when compromised, can have a direct and immediate impact on people’s lives. Hospitals and local governments, for example, are all targets because they store sensitive data, or have tight cybersecurity budgets with limited incident response capabilities, often resulting in outdated software. In the past year, cyberattacks on these sectors had real -world consequences, including delayed emergency medical care, disrupted emergency services, canceled school classes, and halted transportation systems.

Ransomware actors in particular focus on these critical sectors because of the targets’ limited options. For example, a hospital must quickly resolve its encrypted systems, or patients could die, potentially leaving no other recourse but to pay. Additionally, governments, hospitals, and research institutions store sensitive data that criminals can steal and monetize through illicit marketplaces on the dark web, fueling downstream criminal activity. Government and industry can collaborate to strengthen cybersecurity in these sectors—particularly for the most vulnerable. These efforts are critical to protecting communities and ensuring continuity of care, education, and emergency response.

Nation-state actors are expanding operations.

While cybercriminals are the biggest cyber threat by volume, nation-state actors still target key industries and regions, expanding their focus on espionage and, in some cases, on financial gain. Geopolitical objectives continue to drive a surge in state-sponsored cyber activity, with a notable expansion in targeting communications, research, and academia.

Key insights:

China is continuing its broad push across industries to conduct espionage and steal sensitive data. State-affiliated actors are increasingly attacking non-governmental organizations (NGOs) to expand their insights and are using covert networks and vulnerable internet-facing devices to gain entry and avoid detection. They have also become faster at operationalizing newly disclosed vulnerabilities.

Iran is going after a wider range of targets than ever before, from the Middle East to North America, as part of broadening espionage operations. Recently, three Iranian state-affiliated actors attacked shipping and logistics firms in Europe and the Persian Gulf to gain ongoing access to sensitive commercial data, raising the possibility that Iran may be pre-positioning to have the ability to interfere with commercial shipping operations.

Russia, while still focused on the war in Ukraine, has expanded its targets. For example, Microsoft has observed Russian state-affiliated actors targeting small businesses in countries supporting Ukraine. In fact, outside of Ukraine, the top ten countries most affected by Russian cyber activity all belong to the North Atlantic Treaty Organization (NATO) —a 25% increase compared to last year. Russian actors may view these smaller companies as possibly less resource-intensive pivot points they can use to access larger organizations. These actors are also increasingly leveraging the cybercriminal ecosystem for their attacks.

North Korea remains focused on revenue generation and espionage. In a trend that has gained significant attention, thousands of state-affiliated North Korean remote IT workers have applied for jobs with companies around the world, sending their salaries back to the government as remittances. When discovered, some of these workers have turned to extortion as another approach to bringing in money for the regime.

The cyber threats posed by nation-states are becoming more expansive and unpredictable. In addition, the shift by at least some nation-state actors to further leveraging the cybercriminal ecosystem will make attribution even more complicated. This underscores the need for organizations to stay abreast of the threats to their industries and work with both industry peers and governments to confront the threats posed by nation-state actors.

2025 saw an escalation in the use of AI by both attackers and defenders.

Over the past year, both attackers and defenders harnessed the power of generative AI. Threat actors are using AI to boost their attacks by automating phishing, scaling social engineering, creating synthetic media, finding vulnerabilities faster, and creating malware that can adapt itself. Nation-state actors, too, have continued to incorporate AI into their cyber influence operations. This activity has picked up in the past six months as actors use the technology to make their efforts more advanced, scalable, and targeted.

A graph on a blue background

AI-generated content may be incorrect.

For defenders, AI is also proving to be a valuable tool. Microsoft, for example, uses AI to spot threats, close detection gaps, catch phishing attempts, and protect vulnerable users. As both the risks and opportunities of AI rapidly evolve, organizations must prioritize securing their AI tools and training their teams. Everyone –— from industry to government –— must be proactive to keep pace with increasingly sophisticated attackers and to ensure that defenders keep ahead of adversaries.

Adversaries aren’t breaking in,; they’re signing in.

Amid the growing sophistication of cyber threats, one statistic stands out: more than 97% of identity attacks are password attacks. In the first half of 2025 alone, identity -based attacks surged by 32%. That means the vast majority of malicious sign-in attempts an organization might receive are via large-scale password guessing attempts. Attackers get usernames and passwords (“credentials”) for these bulk attacks by in largelargely from credential leaks.

However, credential leaks aren’t the only place where attackers can obtain credentials. This year, we saw a surge in the use of infostealer malware by cybercriminals. Infostealers can secretly gather credentials and information about your online accounts, like browser session tokens, at scale. Cybercriminals can then buy this stolen information on cybercrime forums, making it easy for anyone to access accounts for purposes such as the delivery of ransomware.

Luckily, the solution to identity compromise is simple. The implementation of phishing-resistant multifactor authentication (MFA) can stop over 99% of this type of attack even if the attacker has the correct username and password combination. To target the malicious supply chain, Microsoft’s Digital Crimes Unit (DCU) is fighting back against the cybercriminal use of infostealers. In May, the DCU disrupted the most popular infostealer —– Lumma Stealer –— alongside the US Department of Justice and Europol.

Moving forward: Cybersecurity is a shared defensive priority.

As threat actors grow more sophisticated, persistent, and opportunistic, organizations must stay vigilant, continually updating their defenses, and sharing intelligence. Microsoft remains committed to doing its part to strengthen our products and services via our Secure Future Initiative. We also continue to collaborate with others to track threats, alert targeted customers, and share insights with the broader public when appropriate.

However, security is not only a technical challenge, but a governance imperative. Defensive measures alone are not enough to deter nation-state adversaries. Governments must build frameworks that signal credible and proportionate consequences for malicious activity that violates international rules. Encouragingly, governments are increasingly attributing cyberattacks to foreign actors and imposing consequences such as indictments and sanctions. This growing transparency and accountability are important steps toward building collective deterrence. As digital transformation accelerates—amplified by the rise of AI—cyber threats pose risks to economic stability, governance, and personal safety. Addressing these challenges requires not only technical innovation but coordinated societal action.

The post Extortion and ransomware drive over half of cyberattacks appeared first on Microsoft Security Blog.

This week Microsoft released the final free monthly update to Windows 10. While this marks the end of support from Microsoft, Firefox will continue to support Windows 10 for the foreseeable future.

If you remain on Windows 10, you will continue to get the same updates to Firefox you do today, with all of our latest feature improvements and bug fixes. This includes our commitment to resolve security vulnerabilities as rapidly as we can, sometimes in less than 24 hours, with special security updates. Windows 10 remains a primary platform for Firefox users. Unlike older versions of Windows like Windows 7 and 8, where Mozilla is only offering security updates to Firefox, Windows 10 will get the latest and greatest features and bug fixes just like users on Windows 11. 

Should you upgrade to Windows 11?

While Mozilla will continue to deliver the latest updates to Firefox on Windows 10, security online also requires continued updates from Microsoft to Windows 10 itself, and to the many other software and devices that you use on your Windows 10 computer. That’s why we recommend upgrading to Windows 11 if your computer supports it. You can find out if your PC can run Windows 11 and upgrade to it for free from your Windows update settings. With this option, when you start up Windows 11 for the first time you’ll find that Firefox is still installed, and all of your data and settings are just like you left them. 

If your computer cannot run Windows 11, or you wish to remain on Windows 10 for other reasons, your next best option is to make sure you’re getting “extended security updates” from Microsoft. While these updates won’t deliver new Windows features or non-security bug fixes, they will fix security vulnerabilities that are found in Windows 10 in the future. You should see an option to “enroll” in these updates in your Windows update settings, and if you choose the “Windows Backup” option you’ll get the updates for free. Microsoft has more information on Windows 10 extended security updates if you have other questions. 

Preparing for a device upgrade or new PC

If you get a new Windows 11 PC you might be surprised to see that even if you used Windows Backup, non-Microsoft apps like Firefox haven’t migrated with you. You will typically get a link in your start menu or on your desktop to re-install Firefox, and after it’s installed you’ll find that everything is “fresh” — without your bookmarks, saved passwords, browsing history, or any of your other data and settings. 

This can be frustrating, but we do have a solution for you if you prepare in advance and back up your data using Firefox sync through a Mozilla account. To get started with sync, just choose “sign in” from the Firefox toolbar or menu, and we’ll walk you through the quick process of creating a Mozilla account and enabling sync. 

Firefox sync helps transfer your data securely

Sync isn’t just for people who have Firefox running on more than one computer. It’s also a safe way to back up your data and protect yourself against a lost laptop, a computer that breaks down or is damaged, or your own excited forgetfulness if you get rid of your old PC the moment you get a new one. And what many Firefox users may not realize is that Firefox sync is “end-to-end encrypted,” which is a fancy way of saying that not even Mozilla can read your data. Without your password, which we don’t know, your data is an indecipherable scramble even to us. But it’s safe on our servers nonetheless, which means that if you find yourself with a new PC and a “fresh” Firefox, all you need to do is log in and all your bookmarks, passwords, history and more will quickly load in. 

Meanwhile, you can also rest assured that if you continue to use Firefox on Windows 10 over the next few years, we’ll let you know through messages in Firefox if there is new information about staying secure and whether our stance regarding our support for Windows 10 needs to change. 

Thanks for using Firefox, and know that you can always reach us at Mozilla Connect. We’re eager for your feedback and questions.

Take control of your internet

Download Firefox

The post Windows 10 updates are ending. Here’s what it means for Firefox users. appeared first on The Mozilla Blog.